3 research outputs found
Critical Perspectives on Provable Security: Fifteen Years of Another Look Papers
We give an overview of our critiques of “proofs” of security and a guide to
our papers on the subject that have appeared over the past decade and a half. We also
provide numerous additional examples and a few updates and errata
Pairings in Cryptology: efficiency, security and applications
Abstract
The study of pairings can be considered in so many di�erent ways that it
may not be useless to state in a few words the plan which has been adopted,
and the chief objects at which it has aimed. This is not an attempt to write
the whole history of the pairings in cryptology, or to detail every discovery,
but rather a general presentation motivated by the two main requirements
in cryptology; e�ciency and security.
Starting from the basic underlying mathematics, pairing maps are con-
structed and a major security issue related to the question of the minimal
embedding �eld [12]1 is resolved. This is followed by an exposition on how
to compute e�ciently the �nal exponentiation occurring in the calculation
of a pairing [124]2 and a thorough survey on the security of the discrete log-
arithm problem from both theoretical and implementational perspectives.
These two crucial cryptologic requirements being ful�lled an identity based
encryption scheme taking advantage of pairings [24]3 is introduced. Then,
perceiving the need to hash identities to points on a pairing-friendly elliptic
curve in the more general context of identity based cryptography, a new
technique to efficiently solve this practical issue is exhibited.
Unveiling pairings in cryptology involves a good understanding of both
mathematical and cryptologic principles. Therefore, although �rst pre-
sented from an abstract mathematical viewpoint, pairings are then studied
from a more practical perspective, slowly drifting away toward cryptologic
applications
On the security of the identity-based encryption based on DHIES from ASIACCS 2010
In ASIACCS 2010, Chen, Charlemagne, Guan, Hu and Chen proposed an interesting construction of identity-based encryption based on DHIES, whose key extraction algorithm makes use of the multivariate quadratic equation. They proved that their scheme is selective-ID secure against chosen ciphertext attack, i.e. secure in the sense of IND-sIDGGA. Unfortunately, in this paper, we demonstrate that Chen et aJ.\u27s scheme is insecure in the sense of IND-sID-GGA by showing that the private key extraction algorithm of their scheme can be exploited to apply XL algorithm, which is to solve the multivariate quadratic (MQ) problem (under certain conditions)